Vulnerabilities / Threats
6/10/2013
02:49 PM
Dark Reading
Products and Releases

Palo Alto Networks Brings WildFire To The Private Cloud

Palo Alto Networks WF-500 appliance offers sandbox detection and analysis capabilities

Santa Clara, Calif., June 3, 2013 – Palo Alto Networks® (NYSE: PANW), the network security company™, today announced availability of the Palo Alto Networks WF-500 appliance, the first platform designed to deliver a private cloud solution for timely and thorough detection, analysis and prevention of advanced persistent threats (APTs).

Designed to meet the needs of customers with restrictions that preclude them from accessing a public cloud option, the Palo Alto Networks WF-500 appliance delivers the comprehensive sandbox detection and analysis capabilities of the Palo Alto Networks public cloud based WildFire subscription offering on a customer-owned platform. When deployed with an inline Palo Alto Networks next-generation firewall, the WF-500 also offers full prevention capabilities.

Only Palo Alto Networks offers this kind of "closed loop" prevention solution that includes private or public cloud deployment options, thorough detection and analysis of all network traffic, and the ability to automatically block malware and APTs with the Palo Alto Networks next-generation firewall.

QUOTES

· Securosis Analyst and President Mike Rothman commented on the benefits of a private cloud approach in a recent blog ("Network-based Malware Detection 2.0: Scaling NBMD"): "These malware-analysis private clouds provide a central analysis device and interact with enforcement points throughout the network. This provides the leverage of not having to deploy NBMD devices at all ingress points, as well as facilitating internal sharing of intelligence."

· "Quickly identifying and eliminating previously unknown threats across all applications is key to protecting an organization from today's advanced threats; only Palo Alto Networks offers its customers a public or private cloud deployment choice and the closed loop capabilities to most efficiently and effectively stop APTs," said Lee Klarich, senior vice president of product management, Palo Alto Networks.

WildFire Offers Superior Detection, Analysis and Prevention

Now used by more than 1,700 customers globally, the WildFire service aggregates suspicious files flagged by Palo Alto Networks next-generation firewalls deployed at customer sites around the world. The files are uploaded for analysis by Palo Alto Networks systems and experts. If a file is determined to be malware or an APT, a signature is generated and automatically sent to subscribing Palo Alto Networks WildFire customers' next-generation firewalls to provide protection from:

· The newly detected malware and its variants;

· Traffic that malware generates including unique domain queries; and

· Command-and-control and domain name system (DNS) traffic.

The WF-500 appliance offers these same advantages on a secure device inside the customer's network. Customers are then free to detect, analyze, and eradicate suspected threats in a private cloud under their control. If they choose to, they are also free to share confirmed findings with or receive updated malware signatures from the WildFire cloud service.

Availability

The Palo Alto Networks WF-500 appliance is available now. For more information and pricing, contact a local reseller or visit http://www.paloaltonetworks.com.

About Palo Alto Networks

Palo Alto Networks is the network security company. Its innovative platform allows enterprises, service providers, and government entities to secure their networks and safely enable the increasingly complex and rapidly growing number of applications running on their networks. The core of Palo Alto Networks' platform is its Next-Generation Firewall, which delivers application, user, and content visibility and control integrated within the firewall through its proprietary hardware and software architecture. Palo Alto Networks products and services can address a broad range of network security requirements, from the data center to the network perimeter, as well as the distributed enterprise, which includes branch offices and a growing number of mobile devices. Palo Alto Networks products are used by more than 12,500 customers in over 100 countries. For more information, visit www.paloaltonetworks.com.
